6 matches found
CVE-2025-49007
A flaw was found in Rack. The Content-Disposition parsing component exhibits a denial of service vulnerability due to improper handling of specially crafted input, allowing a remote attacker to trigger a crash. This vulnerability is triggered by processing a malicious Content-Disposition header...
CVE-2025-49007
Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571. Carefully crafted input can caus...
CVE-2025-49007
Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571. Carefully crafted input can caus...
CVE-2025-49007
creationtimestamp| type| source ---|---|--- 2025-06-04 23:03:18+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqsw246e33j2 2025-06-07 19:58:28+00:00| seen| https://bsky.app/profile/andrewnez.mastodon.social.ap.brid.gy/post/3lr253dgeazj2...
CVE-2025-49007 ReDoS Vulnerability in Rack::Multipart handle_mime_head
Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571. Carefully crafted input can caus...
CVE-2025-49007 ReDoS Vulnerability in Rack::Multipart handle_mime_head
Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571. Carefully crafted input can caus...